Problems with Comodo Firewall

I just installed Comodo Firewall and haven’t been able to use my VPN connection with FRITZ!Box-Fernzugang (VPN mit FRITZ!Box | AVM Deutschland). It took me ages to find out that “Block fragmented IP Datagrams” was the reason for my connection not working, and part of that was that there was no record anywhere of blocked fragmented IP datagrams. I think anything blocked should show up in the log by default. My log was totally empty, but I could only establish my VPN connection when Comodo Firewall was set to off.

By the way, Windows Firewall is still active. Is this intended?

Best regards,
Frank

Hello and welcome to the forums.

The installer does not turn off Windows Firewall… a bit annoying…

I don’t totally understand what you are saying about using the VPN connection. First you say that disabling Block fragmented IP datagrams makes it work and second you say that only disabling the firewall makes your VPN connection work. ???

Hello and thank you.

Sorry, English is not my mother tongue. As the firewall did not generate messages about what it blocked, I had to switch it off to get VPN working, which was the only way to find out that it was the firewall that was the reason for VPN not working.

In a 2nd step I left the firewall on and finally isolated “Block fragmented IP Datagrams” as being the issue. To get there I had to try a number of things, as I didn’t have any idea what was going on and as the VPN program does not mention its structure or any detail about how it works (there is more than 1 program involved). This process wasted a lot of time. If the firewall had logged the blocking of fragmented IP datagrams for my VPN program, I would have found the reason much faster.

And if there was an option in the log like doing a right-click on an entry specifying something like “allow”, that would have saved me time too, as I find the structure of Comodo Firewall not too easy.

Shouldn’t Comodo Firewall basically block the same stuff as windoze firewall? Why is pfirewall.log still showing blocked packets after I installed Comodo Firewall?

Sounds reasonable to me. You can post that wish in the Firewall Wishlist board.

> And if there was an option in the log like doing a right-click on an entry specifying something like "allow" that would have saved me time too, as I find the structure of comodo firewall not too easy.

I have seen that recently suggested. I am not sure if it was in the wish board or as part of the wishes for v4 (which is currently in beta).

> Shouldn't comodo firewall basically block the same stuff as windoze firewall? Why is pfirewall.log still showing blocked packets after I installed comodo firewall?

Running two firewalls at the same time is not recommended as unpredictable things may happen. Please disable Windows Firewall.

Thanks, I did originally and then got moved here :wink:

I am aware of that (and I disabled it when I noticed I had 2 firewalls running), but I’m really a bit paranoid, as Comodo Firewall does not list all those packets that I think shouldn’t get through a NAT router anyway. I wish I had more time to dig into this. Right now it has to stay like that.

Thanks,
Frank

What exactly is being reported by Windows Firewall that Comodo does not log once Windows Firewall is not running?

stuff like that:
2010-01-25 18:02:05 DROP TCP 213.165.64.22 192.168.1.99 995 3647 40 R 2907323457 0 0 - - - RECEIVE
2010-01-25 18:02:05 DROP TCP 213.165.64.22 192.168.1.99 995 3647 40 R 2907323457 0 0 - - - RECEIVE

(I had it on for a few secs to get this)
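
Added example (not part of the original posts, and not Comodo or Microsoft code): a small Python parser for Windows Firewall `pfirewall.log` records like the two quoted above, labelling each dropped inbound packet so that stray TCP resets can be told apart from new connection attempts. The field order is assumed to match the log's standard `#Fields:` header; every sample line except the first is constructed, and the labels in `classify` are a heuristic.

```python
from collections import Counter

# Field order assumed from the "#Fields:" header of pfirewall.log.
FIELDS = ("date time action protocol src_ip dst_ip src_port dst_port size "
          "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path").split()

# First record is the one quoted in the thread; the others are constructed.
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2010-01-25 18:02:05 DROP TCP 213.165.64.22 192.168.1.99 995 3647 40 R 2907323457 0 0 - - - RECEIVE
2010-01-25 18:02:09 DROP TCP 198.51.100.7 192.168.1.99 40112 445 48 S 1122334455 0 8192 - - - RECEIVE
2010-01-25 18:02:11 DROP UDP 192.168.1.50 192.168.1.99 514 514 96 - - - - - - - RECEIVE
2010-01-25 18:02:12 ALLOW TCP 192.168.1.99 213.165.64.22 3650 995 0 - 0 0 0 - - - SEND
"""

def parse_line(line):
    """Return a dict for one record, or None for header, blank or short lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    for key in ("src_port", "dst_port"):
        rec[key] = int(rec[key]) if rec[key].isdigit() else None
    return rec

def classify(rec):
    """Heuristic label for one record; only inbound drops get a packet label."""
    if rec["action"] != "DROP" or rec["path"] != "RECEIVE":
        return "not-an-inbound-drop"
    if rec["protocol"] != "TCP":
        return "non-tcp"
    flags = rec["tcpflags"]
    if "R" in flags and "S" not in flags:
        return "stray-reset"          # reset for a connection no longer tracked
    if "S" in flags and "A" not in flags:
        return "connection-attempt"   # bare SYN: someone opening a connection
    return "other-tcp"

def summarize(text):
    """Count labels over every parseable record in a log excerpt."""
    records = [r for r in map(parse_line, text.splitlines()) if r]
    return Counter(classify(r) for r in records)

if __name__ == "__main__":
    for label, count in summarize(SAMPLE_LOG).items():
        print(f"{label}: {count}")
```
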

Can you show me a screenshot of your Global Rules? I think you are using CIS with the default settings.

If that is the case then using the Stealth Ports Wizard to set the firewall to “Block all incoming connections stealth my ports for everyone” will do the trick.

Sorry, I can’t… don’t really understand what you want… it just crashed anyway and I think this product is not for me. I’m going to uninstall it. Despite the fact I told it that the network 192.168.1.x was safe, it blocks access of my phone to the syslog daemon but doesn’t seem to block the rest.

It keeps asking me whether Thunderbird (same is true for other programs as well) should be allowed an outgoing connection on port 80 again and again, despite having recorded that connection as allowed at least twice. This is too much… CIS has to go. It’s wasting too much time I don’t have.

Thank you very much for your efforts.

Frank

If you are willing to try it again somewhere in the future we will be here to guide you with it.

Because I like to fix things, one last question. Are you using T’bird from a USB stick or did you nudge up the Firewall Behaviour Settings to custom?

To have me try it again it needs a restructure in its menus and (I’m going to write that in the suggestions area) a way of directly creating rules from the log without having to remember addresses and ports (I’m bad at remembering stuff like that, and by the time I have found the right menu I can’t remember what I wanted unless I write it down).

I used both versions of T-bird, stick and hard disk (local); the one causing all those questions was the local one (3.0; the one on the stick is still V2.xx, as occasionally I need some of my old plugins to work). I used CIS in safe mode (I have to translate this from German) and found it always created at least 2 rules, exactly identical, for many questions it asked. I found up to 4 identical rules for other programs.

I mailed a crash-dump to cpfbugs yesterday.